Ask the Expert: Network of the future - Software Defined Networking

Hilda Arteaga · ‎10-06-2017

This topic is a chance to discuss more about Cisco’s Digital Network Architecture (DNA) and enterprise networking solutions within Software-Defined networking (SD-Access). As a network engineer you might be wondering what the future looks like for us, and if the current skills we hold will not become obsolete. The feature has a lot of amazing things on the network engineering field, the ability to automate the network and simply management tasks, lower costs and enhance current solutions, predict performance and act automatically without any user impact. Cisco’s Digital Network Architecture (DNA) roadmap will allow you to deploy new solutions faster, support larger environments with high precision, predict and adapt faster.

To participate in this event, please use the button below to ask your questions

Ask questions from Monday, October 9 to 20, 2017

Featured Expert

Enrique Ramirez is an Enterprise Architect with the Main Street America Group in Jacksonville, Florida. Previous to this position, he was a Network Consultant at Dell Inc in Guadalajara, Mexico. With over more than 10 years of experience in Enterprise Networking, his main focus is in Routing & Switching, Security, Cloud, and Data Center Networking. Currently, Enrique is a CCIE R&S candidate and holds certifications like CCNP R&S, Security and CCDP, CCDA and CCNA R&S, Security and Wireless, AWS Solutions Architect and is part of the Cisco Champion program.

Enrique might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the Contact Center Community

Find further information https://supportforums.cisco.com/t5/network-infrastructure/ct-p/4461-network-infrastructure

**Ratings Encourage Participation! **
Please be sure to rate the Answers to Questions

Hilda Arteaga · ‎10-10-2017

Hi Enrique

Please help us to solve a coumple of common doubts related to this topic:

Is there a way to predict performance in my network environment and implement automatic policies to prevent user impact?

How can I provide secure access to an application quickly within the enterprise?

Metin Altan · ‎10-10-2017

Hello Enrique:

I am still doing research on SDN and its benefits. What resources can you recommend that would help develop a plan to develop a plan to go from a traditional hardware model to an SDN network? I am interested in developing a white paper for my upper management in hopes of convincing them to investing in this type of infrastructure. Thanks.

Alexandro Carrasquedo · ‎10-17-2017

Hi Metin, I'd strongly suggest you going through the following Cisco Live sessions. This will give you a great understanding about the SDN approach cisco is taking in the enterprise network and where you can take advantage of the solution.

let me know if you are looking at the enterprise networking or if you're going more with a DC approach, then the ACI sessions would work.

cheers,

Alex

favilescaro · ‎10-10-2017

Deseo participar a este gran evento.

Saludos

Ing. Fred Aviles Caro

faviles@urp.edu.pe

Hilda Arteaga · ‎10-11-2017

Hola favilescaro

Gracias por tu interés, para participar solo debes presionar el botón de "Reply"

ubicado al final de la descripción del evento.

Te saldrá una forma (rich htlm) en la cual podrás escribir tu o tus dudas relacionadas al tema. Posteriormente el experto te ayudará a resolverlas.

Espero esto sea de ayuda ¡Gracias por tu interés y que todas tus dudas sean resueltas!

nasir2010 · ‎10-11-2017

Hi;

Is APIC also SDN ? I am facing difficulties in preparing CCIE DC ... What should i follow....

Alexandro Carrasquedo · ‎10-13-2017

APIC-EM is the controller for iWAN.

DNA Center is the controller of Software defined access and runs on top of APIC-EM (not as an app but the architecture is the same) and is the SDN flavor for enterprise networks.

APIC is the ACI controller and is the software defined flavor for DC.

alifahim2 · ‎10-11-2017

Hi,

Could we have a 'Hello World' example of an SDN. Is there a way to start learning SDN hands-on?

Ali

Alexandro Carrasquedo · ‎10-17-2017

I'm not sure what you mean by a hello world example. but with SD-Access you can, for instance, create a massive LISP control-plane network with the click of a button. This will push all the configuration to your overlay fabric devices and it will only take 10 minutes con to configure lisp, ETR/ITR/PXTR/MSMR.

With 5 more minutes you can have your fabric devices provisioned with AAA, dot1x, and a lot of other neat features. Please refer to BRKCRS-2811 in ciscolive.com on-line library and that will get you ramped up with SD-Access which is the DNA flavor for enterprise networking.

Let me know if you have further questions.

Enrique Ramirez · ‎10-17-2017

I completely agree with Alexandro, SD-Access is an extremely powerful tool that will allow you to overcome most of the challenging issues in enterprise networking.

I also suggest taking look at the following introduction video.

https://www.cisco.com/c/m/en_us/training-events/events-webinars/webinars/techwise-tv/211-software-defined-access.html?oid=wbren000312

Best Regards,

Enrique Ramirez

Jonathan Franz Torrez Soria · ‎10-11-2017

Hi Enrique

I have a questions about the APIC-EM that are part of the CISCO DNA.

With the version 1.5 from the app IWAN, i see that i can modify the configuration from the APIC, but when i realice some changes directly on the equipement and not with the APIC, the APIC doesn´t know the changes that are realiced on the router, how i can add the configuration that i realiced on the equipement to the APIC???
When i have 2 ISP with the APIC, i see that i can select from the APIC what application goes for the ISP that i select, but when i realiced the test this feature doesn´t work, how i can review where is the problem??.

Regards

Enrique Ramirez · ‎10-17-2017

Hello Jonathan,

Related to your first question, do you mean that a configuration done directly to the router doesn't sync back to APIC-EM? If that is the case, that is a limitation of APIC-EM, as custom configurations do not sync back to the database.

As for your second question, you would need to analyze your PRF policy. Do you have Live Action configured on your network?

Best Regards,

Enrique Ramirez

Gabriel Medina · ‎10-18-2017

Hi Jonathan,

Good day

To answer your questions.

1.APIC-EM 1.5 (iWAN-App) does not synchronize new new configuration added to the controller via CLI into the database. Example: if you add a new ACL or a route leaking, APIC-EM does not synchronize that automatically to the database. What APIC-EM does is pushing the iWAN prescriptive configuration to the devices (Policies, PfR, VRFs etc) and its polling the device to check if that configuration that it pushes to the device its still matching its database. If you add a configuration that may conflict to what APIC pushed, it will override.

For more info please check this link: Limitations of Custom Configuration

2. In that case, make sure that APIC-EM indeed pushed the policy path preference for that class to the Hub MC (You can check that via cli at each MC "show domain <name> master policy" and look for your policy). If that's the case, we may have to troubleshoot if the traffic classes are controlled or not by each MC at the site you are sending the packets from. For that I may suggest to open a TAC case.

Best,

ielman@gibraltarsolutions.com · ‎10-20-2017

+participate